ICANN asked to probe all transfer problems

Page Tools

Domain name registrar Melbourne IT says it hopes the Internet
Corporation for Assigned Names and Numbers, the arbiter of
domain-related issues, will investigate all registrars who do not
adhere to its domain transfer policy with the same zeal it has
shown in investigating the hijacking of the
domain of New York ISP, Panix.

Panix had its domain hijacked over the weekend of January 15-16.
Its domain was registered with Dotster, a registrar based in
Washington. By January 17, the domain had been restored.

Melbourne IT has admitted that it was to blame for the incident
as one of its resellers failed to follow the process for seeking
authorisation for a domain name transfer request.

Melbourne IT chief technical officer Dr Bruce Tonkin said in a
statement that the company, while welcoming the ICANN efforts,
considered the hijacking incident to be "an isolated, but serious,
security incident among many thousands of transfers that have been
processed in accordance with the transfers policy."

He said several of the company's large resellers were much
bigger than any existing ICANN-accredited registrars and had a good
reputation for the development of IT systems and processes.

"Melbourne IT has agreements in place with some of these
resellers regarding the transfer of registrar process. These
agreements have only been applied where each reseller has been able
to fully satisfy and prove to Melbourne IT that they maintain
systems for verifying the actual registrant who wishes to transfer
their name in accordance with the ICANN transfer policy," Dr Tonkin
said.

Despite the existence of a process for checking that a reseller
was complying with the transfers policy, the panix.com incident
showed there was still a risk that a reseller may not be complying
with the transfers policy for all transfers, he said.

"Melbourne IT has software for authenticating transfers that
complies with the ICANN transfers policy, which is used by all its
direct customers and the majority of its reseller customers. As a
result of the panix.com incident, Melbourne IT is planning to
expand the use of this software for all its resellers to further
reduce the risk of an unauthorised transfer," Dr Tonkin said.